1. Field of the Invention
The present invention relates to a technology for accessing personal information and the like in a recording medium on a personal computer or the like.
2. Description of the Related Art
Conventionally, when accessing personal information, etc. in a recording medium on a personal computer or the like, a user has to enter a personal identification number code (hereinafter, “PIN”) for the recording medium each time he/she accesses the information. Such PIN input enhances security and prevents leaks of data including personal information from a recording medium, but impairs usability by forcing a user to enter a PIN each time he/she accesses data in the recording medium.
To solve the problem, a method of accessing a recording medium has been proposed. In the following, the method is explained taking a smart card as an example of a recording medium. The smart card is a plastic card, a little larger than a credit card, embedded with an integrated circuit (IC) chip such as the central processing unit (CPU).
First, a user enters a smart card PIN to access data such as personal information in a smart card on a personal computer. The entered smart card PIN is stored in a memory installed in the personal computer.
The next time the user accesses the data, the smart card PIN stored in the memory is compared to that stored in the smart card. If the two PINs match, the user can access the data. By this means, the user is spared from having to enter the PIN each time he/she accesses the data in the smart card, which facilitates the use of the smart card. Thus, the usability of the smart card can be improved.
Japanese Patent Laid-Open No. HEI6-115287 discloses another method that improves the usability of the smart card. According to the method, first, a user enters a smart card PIN to access data in a smart card on a personal computer. If the smart card PIN is verified, information indicating “PIN verified” is stored in a nonvolatile memory of the smart card. The next time the user accesses the smart card, if the information stored in the nonvolatile memory of the smart card indicates “PIN verified”, the user can access the smart card without PIN verification. By this means, the user is spared from having to enter the PIN each time he/she accesses the data in the smart card, which facilitates the use of the smart card. Thus, the usability of the smart card can be improved.
However, the above conventional methods of accessing a smart card have the following disadvantages. That is, when a smart card PIN is stored in a memory of a personal computer, the PIN stored in the memory of the personal computer may leak via a network. As a result, even if the usability of the smart card is improved, the security is considerably reduced.
Besides, consider the case where, after a smart card PIN is verified, information indicating “PIN verified” is stored in a nonvolatile memory of a smart card. If the user loses the smart card while the PIN is valid, a third party may access data in the smart card.
For example, if the user loses the smart card after the smart card PIN is verified in the office, a third party can freely access data such as personal information in the smart card outside the office. Consequently, the security of data is endangered, and it is highly possible that personal information leaks from the smart card.